Vulnerability CVE-2018-19010
Published: 2019-01-28

Description:
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. A malformed network packet may cause the monitor to reboot. By repeatedly sending the malformed network packet, an attacker may be able to disrupt patient monitoring by causing the monitor to repeatedly reboot until it falls back to default configuration and loses network connectivity.

Type:

CWE-20

 (Improper Input Validation)

CVSS2 => (AV:A/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.3/10
2.9/10
6.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Draeger -> Delta xl firmware 
Draeger -> Infinity delta firmware 
Draeger -> Infinity explorer c700 firmware 
Draeger -> Kappa firmware 

 References:
http://www.securityfocus.com/bid/106683
https://ics-cert.us-cert.gov/advisories/ICSMA-19-022-01
Copyright 2024, cxsecurity.com

 

Back to Top